package com.dantefung.web;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @author Dante Fung
 * @create 2018-05-31 下午4:39
 * @desc authorize controller
 **/
@RestController
public class AuthorizeController {

    /**
     * 登录的用户有ADMIN角色才有权限访问此方法.
     * @return
     */
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    @RequestMapping("/authorize")
    public String authorize() {
        return "有权限访问";
    }

}
